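---
# Build and Deploy workflow (Gitea Actions).
#
# build:  builds the image through a TLS-authenticated Docker daemon at
#         tcp://127.0.0.1:2376 and, on push events only, pushes it to the
#         package registry.
# deploy: on push events only, POSTs to the deploy endpoint with HTTP basic auth.
#
# Secrets, variables and context values are passed to the shell through `env:`
# and never expanded inside `run:` text. Template expansion happens before the
# shell parses the script, so a value containing quotes or `$(...)` would
# otherwise be executed as script text.
name: Build and Deploy

on:
  push:
    branches: [main]
  # NOTE(review): pull_request runs build the PR's Dockerfile through the same
  # TLS-authenticated daemon. Confirm that runs from untrusted contributors
  # require approval before they reach this runner.
  pull_request:
    branches: [main]

jobs:
  build:
    runs-on: ubuntu-latest
    outputs:
      image-tags: ${{ steps.meta.outputs.tags }}
    steps:
      # Consider pinning the action to a full commit SHA instead of a mutable tag.
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Generate image metadata
        id: meta
        env:
          REGISTRY: ${{ vars.PACKAGES_REGISTRY }}
          REPO: ${{ gitea.repository }}
        run: |
          # Build a unique tag from a UTC timestamp and the short commit SHA.
          TIMESTAMP=$(date -u +'%Y%m%d-%H%M%S')
          SHORT_SHA=$(git rev-parse --short HEAD)
          TAG="${REGISTRY}/${REPO}:${TIMESTAMP}-${SHORT_SHA}"
          LATEST_TAG="${REGISTRY}/${REPO}:latest"
          {
            echo "tags=${TAG} ${LATEST_TAG}"
            echo "tag=${TAG}"
            echo "latest_tag=${LATEST_TAG}"
          } >> "$GITHUB_OUTPUT"

      # Diagnostic only: prints DOCKER_* variables and directory listings
      # (file names and permissions, not key material). Consider removing it
      # once the runner setup is stable.
      - name: Debug Docker setup
        run: |
          echo "=== Docker Environment Variables ==="
          env | grep -i docker || echo "No DOCKER_* vars found"
          echo ""
          echo "=== Checking for Docker socket ==="
          ls -la /var/run/docker.sock 2>/dev/null || echo "Socket not found at /var/run/docker.sock"
          echo ""
          echo "=== Checking for certificates ==="
          ls -la /certs/client/ 2>/dev/null || echo "Certs not found at /certs/client"
          echo ""
          echo "=== Docker CLI version ==="
          docker version 2>&1 | head -20

      - name: Configure Docker for remote host
        run: |
          # Point the Docker CLI at the remote daemon over mutually authenticated TLS.
          # Values are written to GITHUB_ENV so later steps inherit them.
          export DOCKER_HOST=tcp://127.0.0.1:2376
          export DOCKER_TLS_VERIFY=1
          export DOCKER_CERT_PATH=/certs/client
          {
            echo "DOCKER_HOST=${DOCKER_HOST}"
            echo "DOCKER_TLS_VERIFY=${DOCKER_TLS_VERIFY}"
            echo "DOCKER_CERT_PATH=${DOCKER_CERT_PATH}"
          } >> "$GITHUB_ENV"

      - name: Test Docker connection
        run: |
          echo "Testing Docker with TLS..."
          docker --tlsverify --tlscacert="${DOCKER_CERT_PATH}/ca.pem" \
            --tlscert="${DOCKER_CERT_PATH}/cert.pem" \
            --tlskey="${DOCKER_CERT_PATH}/key.pem" \
            -H=tcp://127.0.0.1:2376 ps

      - name: Build Docker image
        env:
          TAG: ${{ steps.meta.outputs.tag }}
          LATEST_TAG: ${{ steps.meta.outputs.latest_tag }}
          GIT_SHA: ${{ gitea.sha }}
          # The ref name is attacker-influenced on some events; keep it out of
          # the script text and only use it as a quoted variable.
          GIT_REF: ${{ gitea.ref }}
        run: |
          echo "Building image: ${TAG}"
          docker --tlsverify --tlscacert="${DOCKER_CERT_PATH}/ca.pem" \
            --tlscert="${DOCKER_CERT_PATH}/cert.pem" \
            --tlskey="${DOCKER_CERT_PATH}/key.pem" \
            -H=tcp://127.0.0.1:2376 build \
            -t "${TAG}" \
            -t "${LATEST_TAG}" \
            --label "git.commit=${GIT_SHA}" \
            --label "git.ref=${GIT_REF}" \
            .

      - name: Log in to Gitea Container Registry
        if: github.event_name == 'push'
        env:
          REGISTRY: ${{ vars.PACKAGES_REGISTRY }}
          REGISTRY_USERNAME: ${{ secrets.USERNAME }}
          REGISTRY_TOKEN: ${{ secrets.TOKEN }}
        run: |
          # The token is fed on stdin so it never appears in the process arguments.
          printf '%s' "${REGISTRY_TOKEN}" | docker --tlsverify --tlscacert="${DOCKER_CERT_PATH}/ca.pem" \
            --tlscert="${DOCKER_CERT_PATH}/cert.pem" \
            --tlskey="${DOCKER_CERT_PATH}/key.pem" \
            -H=tcp://127.0.0.1:2376 login \
            -u "${REGISTRY_USERNAME}" \
            --password-stdin \
            "${REGISTRY}"

      - name: Push Docker image
        if: github.event_name == 'push'
        env:
          TAG: ${{ steps.meta.outputs.tag }}
          LATEST_TAG: ${{ steps.meta.outputs.latest_tag }}
        run: |
          echo "Pushing images..."
          docker --tlsverify --tlscacert="${DOCKER_CERT_PATH}/ca.pem" \
            --tlscert="${DOCKER_CERT_PATH}/cert.pem" \
            --tlskey="${DOCKER_CERT_PATH}/key.pem" \
            -H=tcp://127.0.0.1:2376 push "${TAG}"
          docker --tlsverify --tlscacert="${DOCKER_CERT_PATH}/ca.pem" \
            --tlscert="${DOCKER_CERT_PATH}/cert.pem" \
            --tlskey="${DOCKER_CERT_PATH}/key.pem" \
            -H=tcp://127.0.0.1:2376 push "${LATEST_TAG}"
          echo "Push completed successfully"

      # Runs even after a failed step so registry credentials are not left in
      # the Docker client config; `|| true` keeps a no-op logout from failing
      # the job (for example on pull_request runs, where no login happened).
      - name: Logout from Gitea Container Registry
        if: always()
        env:
          REGISTRY: ${{ vars.PACKAGES_REGISTRY }}
        run: |
          docker --tlsverify --tlscacert="${DOCKER_CERT_PATH}/ca.pem" \
            --tlscert="${DOCKER_CERT_PATH}/cert.pem" \
            --tlskey="${DOCKER_CERT_PATH}/key.pem" \
            -H=tcp://127.0.0.1:2376 logout "${REGISTRY}" || true

  deploy:
    name: Deploy to target
    needs: build
    runs-on: ubuntu-latest
    if: github.event_name == 'push'
    steps:
      # NOTE(review): basic-auth credentials are only protected in transit when
      # DEPLOY_URL is an https:// URL - confirm, and consider adding
      # `--proto '=https'` to the curl call to enforce it.
      - name: Call deploy endpoint
        env:
          DEPLOY_URL: ${{ vars.DEPLOY_URL }}
          DEPLOY_USERNAME: ${{ secrets.DEPLOY_USERNAME }}
          DEPLOY_PASSWORD: ${{ secrets.DEPLOY_PASSWORD }}
        run: |
          # Skip (successfully) when the deploy variables/secrets are not configured.
          if [ -z "${DEPLOY_URL}" ] || [ -z "${DEPLOY_USERNAME}" ] || [ -z "${DEPLOY_PASSWORD}" ]; then
            echo "DEPLOY_URL, DEPLOY_USERNAME or DEPLOY_PASSWORD not set; skipping deploy step."
            exit 0
          fi

          echo "Triggering deploy endpoint..."
          # --fail makes curl exit non-zero when the HTTP status is not 2xx;
          # --show-error keeps the failure reason visible despite -s.
          curl --fail -s --show-error -X POST \
            --user "${DEPLOY_USERNAME}:${DEPLOY_PASSWORD}" \
            "${DEPLOY_URL}"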